ForgeRock releases OpenAM 10.0.0

SAN FRANCISCO, Calif. – April 16, 2012 – ForgeRock is pleased to announce the general availability of OpenAM 10.0.0, one of the key products in the I³ Open Platform. ForgeRock strengthens OpenAM Authentication, Authorization and Federation capabilities by adding OAuth 2.0, Risk Based Authentication and the Open Identity Gateway. In addition, several key enhancements to security, performance, reliability and replication have been implemented.

The OpenAM 10.0.0 release is a major upgrade and it sets the stage for a modern architecture and introduces many new important features, general improvements to the core product, as well as to the agents. A large amount of the code base has been audited and cleaned up, and as a result the overall quality has been improved. Since the initial release of OpenAM more than a thousand bugs, security issues and improvements have been resolved.

OpenAM 10.0.0 is the result of several months of intensive research and development work at ForgeRock combined with input and feedback from the flourishing ForgeRock open source community for OpenAM and our customers. This release significantly strengthens the security and integration capabilities of the standards based I³ Open Platform. It includes improvements in the areas of Federation with SAML 2.0 and OAuth 2.0, application integration, Risk Based Authentication, and key enhancements in security, reliability, performance and the underlying replication architecture.

The release features the following industry-leading capabilities:

  • Open Identity Gateway (OpenIG): A high performance identity proxy that expedites the integration of web applications into an OpenAM Single Sign-On environment without touching the application. Ideal for legacy applications where changes to the security model are contraindicated. OpenIG also extends the SAML 2.0 Service Provider capabilities of the OpenAM offering.
  • Risk Based Authentication: Measure the risk associated with an authentication event and challenge with additional stronger credentials if the need arises. This is now part of the authentication framework and includes capabilities such as geographic location evaluation, time since last login, number of authentication failures check, ip address history check, cookie associated with a device check and attribute profile check, among others.
  • OAuth 2.0 authentication: Users can now federate their accounts from Google, Facebook, MSN, and any OAuth 2.0 provider with OpenAM.
  • SAML 2.0 Identity Provider enhanced capabilities that ease the interaction with end-users for several tasks such as approval of attribute release to service providers. This is implemented as an additional hook into the SAML 2.0 framework.
  • ForgeRock’s OpenDJ is now the embedded configuration store.

OpenAM comprises in one single product the features and capabilities usually found in several products. The latest version can be obtained from the OpenAM community downloads area.

Recent Press Releases:

ForgeRock Appoints David Burden As Chief Information Officer

San Francisco — June 15, 2021 — ForgeRock®, a global digital identity leader, today announced the appointment of David Burden as the company's Chief Information Officer (CIO). Burden will oversee IT operations, provide strategic direction for the company's enterprise systems and deliver technology solutions to drive innovation and operational excellence to support its rapidly scaling business, while also improving employee productivity and customer experience.

ForgeRock's 2021 Consumer Identity Breach Report Reveals Unprecedented 450% Surge in Breaches Containing Usernames and Passwords

San Francisco — June 7, 2021 — ForgeRock®, a global digital identity leader, today announced findings from its 2021 Identity Breach Report, revealing an unprecedented 450% surge in breaches containing usernames and passwords globally. The report also found unauthorized access was the leading cause of breaches for the third consecutive year, increasing year-over-year for the past two years, accounting for 43% of all breaches in 2020.

ForgeRock Appoints Salesforce Executive Chris Lyon SVP and Global Head of Engineering

San Francisco — May 24, 2021 — ForgeRock®, a global digital identity leader, today announced the appointment of Chris Lyon as senior vice president and global head of engineering. In his new role, Lyon will lead global engineering and report to ForgeRock's chief product officer (CPO) Peter Barker.